The presence of video cameras and microphones in computerized products such as desktop computers, laptop computers, PDAs, tablets and mobile phones creates an information security and privacy protection challenge today. As computers connected to public networks and to the internet can be easily hacked and controlled remotely, these products having internal or external video cameras and microphones are at risk of becoming an eavesdropping device. Attacker can easily install a malicious code on the product that will activate the video camera and microphone to get real-time video and audio surveillance of the surrounding environment. Video and audio stream received from the video camera is then compressed and the resulted data is streamed over the internet to the interested attacker. Then the attacker reconstructs the video and audio signal, enhance it if needed and analyze it to recover valuable information. Such method can operate while the user is completely unaware and it can even run undetectable by anti-virus and intrusion detection programs through the use of Zero Day Vulnerabilities. Zero Day Vulnerabilities are non-publicized new security vulnerabilities that can be used by attackers to modify or control product functionality.
One of the most common methods used to hack computer video cameras and microphones remotely is through the use of RAT. RAT is an acronym for Remote Access Trojan. A RAT might have a functional use, but it is typically used to describe malicious code that is installed without the user's knowledge with the intent of monitoring the computer, logging keystrokes, capturing passwords and otherwise assuming control of the computer from a remote location. Common RATs such as Sub7 have the functionality of enabling computer microphone or video camera remotely and streaming the data back to the attacker.
Prior-art computer video cameras are prone to covert eavesdropping as they are typically not equipped with efficient means of properly disabling camera activity when not used by the user. Even when a mechanical shutter and On-Off switch is installed in the camera, such switch is not efficient as users tend to leave it on continuously.
Computer video camera devices are also lacking the clear user indications when camera and microphone are active and therefore users are unaware when the camera and microphone are being activated by software means.
Another disadvantage of prior-art computer video cameras is the lack of anti-tampering means that will prevent physical attack on the device in attempt to bypass switches or other internal security means.
To overcome these disadvantages, many high-security organizations are instructing their workforce to remove all video cameras from their desktop computers. In addition to that, many organizations are physically removing internal video cameras and microphones from the laptop computers that they are purchasing and using.
Cisco TelePresence PrecisionHD USB Camera data-sheet (document number C78-628611) discloses a video camera having a mechanical shutter controllable by the user that couples with enable-disable switch and LED indicator. This product is a Tandberg Telecom AS product that is also covered by US Patent application 2010/0134635 A1.
While mechanical shutter offers some security and privacy protection, it fails to provide stronger level of protection needed for high security organizations as user may leave the camera on and the shutter open for unlimited time.
US Patent application 2011/0058255 A1 discloses yet another simple solution for video camera security and privacy—a mechanical lens cover that may be manually positioned by the user. This method lacks the mechanism to prevent users from leaving the shutter in open position and therefore it is unsecure.
U.S. Pat. No. 5,949,474 discloses a videophone device having a video camera with lens cover and warning light. The disclosed device is fundamentally different from the computer video camera device and method of the current invention. Further the implementation claimed in this patent does not provide adequate protection level as the user may leave the shutter open indefinitely.